Malware Attacks Apple iOS App Store, Infects Over 300 Apps

For the first time, Apple’s iOS mobile operating system was targeted with a large-scale malware attack, infecting several popular Chinese apps and exposing a vulnerability in Apple’s mobile platform. The origin of the hack was an unauthorized version of Apple’s developer tool kit, hosted on the Baidu Pan cloud, which was touted as taking much less time to download than the official toolkit, Xcode. An unknown number of apps were infected, but one Chinese security company, Qihoo 360 Technology, estimates 344.

The Wall Street Journal reports that Baidu, the Chinese search company offering Baidu Pan, removed the file shortly after learning about its existence. The malware, dubbed XcodeGhost by researchers at Alibaba Mobile Security, infects any app created or altered with it.

Apps infected with the malicious virus can create fake alerts to harvest passwords to Apple’s iCloud service, send information about a user’s device, and read and write information on the user’s clipboard.

Reuters quotes Palo Alto Networks as saying that, prior to this attack, Apple had found “a total of just five malicious apps” in the App Store. “It is the first reported case of large numbers of malicious software programs making their way past Apple’s stringent app review process.” Apple has removed any tainted apps it found in the Store, says Reuters.

Among the hacked iPhone/iPad apps are Tencent Holdings’ mobile app WeChat, car-hailing app Didi Kuaidi, and a Spotify-like music app from Internet portal NetEase, says WSJ. The three companies issued statements that no sensitive customer information had been compromised.

The number of devices impacted by the hack is unknown but WeChat has more than 500 million users, says Tencent. Apple phones make up about 15 percent of China’s smartphone market, notes research firm IDC. Apple has not yet described how iPhone/iPad users could determine if their devices were infected.

Alibaba security researcher Claud Xiao wrote on the company website that “XcodeGhost is a very harmful and dangerous malware that has bypassed Apple’s code review,” and could potentially be used by criminals and spies to gain access to iOS devices.

Palo Alto Networks Director of Threat Intelligence Ryan Olson notes that the breach was “a pretty big deal” because it’s hard to defend against hackers infecting machines of software developers writing legitimate apps. “Developers are now a huge target,” he says.
